Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43180.roa
File: AS43180.roa (raw, json)
Hash identifier: UKWDiMsx+hWMD3B+0aPXKi1F9mpCuFRqo9r7fqWqk18=
Subject key identifier: CF:0F:A1:9B:BE:77:2C:28:B8:8C:96:16:71:5E:D5:DA:B2:20:1C:2D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7F5B732FC91D3BB2AB260C7B93D89DF0384EF3F4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43180.roa
Signing time: Fri 07 Feb 2025 14:52:42 +0000
ROA not before: Fri 07 Feb 2025 14:47:42 +0000
ROA not after: Fri 06 Feb 2026 14:52:42 +0000
asID: 43180
IP address blocks: 82.23.16.0/24 maxlen: 24
82.23.25.0/24 maxlen: 24
82.23.28.0/24 maxlen: 24
82.23.30.0/24 maxlen: 24
82.23.31.0/24 maxlen: 24
82.23.34.0/24 maxlen: 24
82.23.39.0/24 maxlen: 24
82.23.41.0/24 maxlen: 24
82.23.42.0/24 maxlen: 24
82.23.43.0/24 maxlen: 24
82.23.49.0/24 maxlen: 24
82.23.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:5b:73:2f:c9:1d:3b:b2:ab:26:0c:7b:93:d8:9d:f0:38:4e:f3:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 7 14:47:42 2025 GMT
Not After : Feb 6 14:52:42 2026 GMT
Subject: CN=CF0FA19BBE772C28B88C9616715ED5DAB2201C2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5b:85:cc:37:ae:bc:21:4b:e2:79:e6:55:cc:
43:26:e7:4e:a4:32:f9:88:28:0f:d6:2a:ba:91:e1:
50:30:d3:c4:01:bb:59:3c:5f:55:56:3d:aa:89:12:
9f:6b:f6:09:9f:ef:dd:c0:42:b8:cc:5b:04:07:70:
ee:77:6c:99:46:16:cc:fd:6b:2b:66:ac:0f:12:26:
b7:ce:3d:3d:ed:82:43:66:c4:9a:b0:96:90:0b:be:
89:c3:48:bd:3e:ca:c3:a7:98:ac:9c:c7:81:47:e2:
21:3e:46:91:0c:48:0e:bf:d5:20:68:d0:ed:8f:88:
5a:8c:05:8d:c7:30:72:e9:4b:15:76:1a:67:fb:a7:
f7:96:51:ce:c9:ed:b2:fe:c7:cc:f0:98:ee:69:09:
c1:b5:f9:00:fe:a2:d1:2e:71:b4:43:c6:44:22:7e:
c4:07:58:df:cd:7c:2c:0f:ac:df:ff:d6:cd:ad:f0:
b2:e3:30:88:74:89:f2:08:d5:05:59:e1:27:49:f2:
85:d0:3d:79:dd:ad:60:b3:a9:d1:f9:30:df:a6:70:
ba:97:5a:55:87:35:15:41:ee:d7:7d:dd:27:b5:00:
8d:87:86:82:27:2b:a0:ee:92:a0:96:d5:31:24:83:
63:b1:14:a3:a7:09:61:1c:25:b3:41:35:f3:40:ce:
1e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:0F:A1:9B:BE:77:2C:28:B8:8C:96:16:71:5E:D5:DA:B2:20:1C:2D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS43180.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.16.0/24
82.23.25.0/24
82.23.28.0/24
82.23.30.0/23
82.23.34.0/24
82.23.39.0/24
82.23.41.0-82.23.43.255
82.23.49.0/24
82.23.54.0/24
Signature Algorithm: sha256WithRSAEncryption
61:c8:8c:4d:ac:54:49:3a:89:88:5b:27:d4:c5:0f:cb:2d:ef:
72:e9:56:a6:4e:68:e4:42:45:e5:8e:62:71:fa:d1:a3:31:b0:
cf:fa:35:60:2c:04:fa:38:b1:b8:95:74:9f:a4:ad:25:f0:fb:
b2:c6:12:84:04:2c:7d:0d:53:9b:cb:2e:c8:fe:8b:40:53:08:
b1:69:f5:56:d4:c8:69:2c:71:b5:f7:68:d0:7e:37:c8:a9:04:
79:f9:77:5f:cd:81:8b:b2:21:e1:32:48:f4:6d:e3:7e:de:34:
21:a6:0b:0d:98:d1:42:90:bc:7e:50:69:7e:d3:d2:ba:01:51:
9c:60:2e:d7:f5:72:e5:26:be:68:d1:42:10:68:47:40:15:1d:
af:b0:96:7c:2a:de:4f:22:4a:4e:28:41:b8:53:31:c3:01:89:
5e:41:63:bc:1b:a8:e3:58:ac:76:a3:12:38:d5:00:4b:28:5e:
f8:15:7f:d7:8f:a7:3e:28:9d:1c:44:75:f6:66:aa:c4:ef:19:
db:63:b7:3a:08:b4:bc:0b:7e:4e:68:fc:af:38:ef:b3:1d:bf:
69:b2:c5:a4:3e:01:7e:f3:05:08:99:33:7c:8e:01:39:67:12:
18:94:d6:69:96:a0:e9:3e:4a:7d:d7:10:ee:48:52:5d:c5:d1:
16:94:0d:6b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUf1tzL8kdO7KrJgx7k9id8DhO8/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDcxNDQ3NDJaFw0yNjAyMDYxNDUyNDJaMDMxMTAvBgNV
BAMTKENGMEZBMTlCQkU3NzJDMjhCODhDOTYxNjcxNUVENURBQjIyMDFDMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2W4XMN668IUvieeZVzEMm506k
MvmIKA/WKrqR4VAw08QBu1k8X1VWPaqJEp9r9gmf793AQrjMWwQHcO53bJlGFsz9
aytmrA8SJrfOPT3tgkNmxJqwlpALvonDSL0+ysOnmKycx4FH4iE+RpEMSA6/1SBo
0O2PiFqMBY3HMHLpSxV2Gmf7p/eWUc7J7bL+x8zwmO5pCcG1+QD+otEucbRDxkQi
fsQHWN/NfCwPrN//1s2t8LLjMIh0ifII1QVZ4SdJ8oXQPXndrWCzqdH5MN+mcLqX
WlWHNRVB7td93Se1AI2HhoInK6DukqCW1TEkg2OxFKOnCWEcJbNBNfNAzh7RAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUzw+hm753LCi4jJYWcV7V2rIgHC0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDMxODAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVwYIKwYBBQUHAQcBAf8ESDBGMEQEAgABMD4DBABSFxAD
BABSFxkDBABSFxwDBAFSFx4DBABSFyIDBABSFycwDAMEAFIXKQMEAlIXKAMEAFIX
MQMEAFIXNjANBgkqhkiG9w0BAQsFAAOCAQEAYciMTaxUSTqJiFsn1MUPyy3vculW
pk5o5EJF5Y5icfrRozGwz/o1YCwE+jixuJV0n6StJfD7ssYShAQsfQ1Tm8suyP6L
QFMIsWn1VtTIaSxxtfdo0H43yKkEefl3X82Bi7Ih4TJI9G3jft40IaYLDZjRQpC8
flBpftPSugFRnGAu1/Vy5Sa+aNFCEGhHQBUdr7CWfCreTyJKTihBuFMxwwGJXkFj
vBuo41isdqMSONUASyhe+BV/14+nPiidHER19maqxO8Z22O3Ogi0vAt+Tmj8rzjv
sx2/abLFpD4BfvMFCJkzfI4BOWcSGJTWaZag6T5KfdcQ7khSXcXRFpQNaw==
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:19:53 2025 by rpki-client